An intrusion into the network through some vulnerability in the program interface. In recent years, vulnerabilities in the software installed on computers have proven to be one of the most effective means for crackers to spread malware. Defined as flaws in programs or Information Technology systems, security holes (or vulnerabilities) can allow viruses or other malware to carry out their intended actions—even without user intervention.
As a case in point, in 2002 the Klez.I worm used this means of transmission to do its dirty deed, and in 2004 it was still one of the viruses most frequently detected on users’ computers. The vulnerability exploited by this worm affected the Internet Explorer browser. Other, more recent examples of malicious code exploiting software vulnerabilities and causing costly epidemics in cyberspace include Blaster, SQLSlammer, and Nachi. Today, numerous console exploits continue to be designed to exploit software vulnerabilities. The good news is that once a vulnerability is discovered, patches are issued in a shorter time than in the recent past. Nevertheless, fears continue in the security community about Zero-day exploits.
Secure Resolutions, Inc. Panda Software: Software Vulnerabilities: An Increasingly Popular Resource for Spreading Malware. [Online, March 30, 2004.] Secure Resolutions Website. http://www.secureresolutions.com/support/securityNews.